bug #4612 [security] XSS vulnerability in redirection mechanism

Signed-off-by: Marc Delisle <marc@infomarc.info>
author: Michal Čihař <michal@cihar.com> 2014-12-03 16:29:55 +0300
committer: Marc Delisle <marc@infomarc.info> 2014-12-03 16:29:55 +0300
commit: 1daa32fb97b90fd1bf233cae9ed249e37fa175c4 (patch)
tree: ed1cb471678e836c3d1216c507914e45bad49e4f /url.php
parent: 41277d1887300298e007ae3151af9983a6a384af (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/url.php b/url.php
index 71efc9fb6b..82b224311b 100644
--- a/url.php
+++ b/url.php
@@ -11,6 +11,10 @@
  */
 define('PMA_MINIMUM_COMMON', true);
 require_once './libraries/common.inc.php';
+/**
+ * JavaScript escaping.
+ */
+require_once './libraries/js_escape.lib.php';
 
 if (! PMA_isValid($_GET['url'])
     || ! preg_match('/^https?:\/\/[^\n\r]*$/', $_GET['url'])
@@ -24,7 +28,7 @@ if (! PMA_isValid($_GET['url'])
     //  external site.
     echo "<script type='text/javascript'>
             window.onload=function(){
-                window.location='" . htmlspecialchars($_GET['url']) . "';
+                window.location='" . PMA_escapeJsString($_GET['url']) . "';
             }
         </script>";
     // Display redirecting msg on screen.
author	Michal Čihař <michal@cihar.com>	2014-12-03 16:29:55 +0300
committer	Marc Delisle <marc@infomarc.info>	2014-12-03 16:29:55 +0300
commit	1daa32fb97b90fd1bf233cae9ed249e37fa175c4 (patch)
tree	ed1cb471678e836c3d1216c507914e45bad49e4f /url.php
parent	41277d1887300298e007ae3151af9983a6a384af (diff)